WP1 System's requirements analysis | Leader: HES-SO
This work package will take care of the gathering and iterative update of system requirements during the project lifetime, particularly user requirements, architecture design requirements, application programming interface (API) specifications, performance requirements and existing security and privacy solutions. These are going to be defined in collaboration with users’ representatives of the involved stakeholder groups, namely individual data subjects, hospitals, research centres and businesses, through questionnaires, interviews and focus groups.
WP2 Regulatory and compliance study | Leader: Panetta&Associati
This work package will deal with the evaluation of project developments to ensure compliance with the current privacy and data protection applicable legislation at EU, national and international level, with particular attention to the novel framework laid down by the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).
WP3 Personal data human interaction and service | Leader: HWC
This work package will assure the willingness of patients as data subjects to donate their information, and to allow them to be used within their control through the Dynamic Consent model. The user interface will be implemented to empower data subjects with the ability to allow or revoke data access for specific purposes with the use of Smart Contracts, and to be notified about the use of their information, by whom and for what purpose.
WP4 Data harmonisation module extensions | Leader: HES-SO
The work package will take care of the development of normalisation services designed to process, harmonize and integrate the highly heterogeneous data coming from the different data sources.
WP5 Privacy preserving solutions and data security layers | Leader: Athena
This work package will be devoted to the development of solutions for data protection and privacy preservation, including data publication and flow execution engines incorporating anonymization and encryption techniques, implementation of methods for data profiling, application of watermarks and fingerprints to datasets, and privacy-by-design analytics.
WP6 Blockchain integration, smart contracts and pilot infrastructure | Leader: Gnùbila
The goal of this work package is to design, implement and deploy the blockchain technology as the transparent and distributed data transaction ledger. The infrastructure will comprise an identity provider, a blockchain ledger, an application programming interface (API), second level anonymization and data replication services. The platform will be delivered, documented and thoroughly tested, and made available for penetration challenges and the execution of re-identification threat scenarios.
WP7 Platform-driven assessment of attitudes and sensibilities with regard to ethical, privacy, and data security issues | Leader: Lynkeus
The goal of this work package is to assess the public perceptions and attitudes towards privacy and data security, which will be employed to drive the design of MHMD platform, Personal Data Accounts, Dynamic Consent Module and Smart Contracts. The study will utilize two complementary information gathering approaches: the former investigating users’ actual behaviours through the use of data mining techniques applied to data transactions and user profiles, to study what type of data users tend to give or deny permission access to, under what circumstances, and for what reasons; the latter measuring their stated values and preferences, by electronic questionnaires which will capture user values and preferences under different scenarios.
WP8 Prototypical implementation of advanced data analytics (big data) use case on securely anonymised and encrypted data | Leader: Siemens Healthcare GmbH
The main objective of this work package is to demonstrate the feasibility of clinical applications using the MHMD infrastructure and to explore potential ways to exploit the value of large medical and non-medical datasets. In particular, the possibility of making use of securely anonymised or encrypted data for advanced data analytics and patient-specific model-based prediction applications, such as personalized physiological modelling for clinical risk estimation, or retrieval of medical annotations relative to a clinical case as well as identification of similar cases from the database.
WP9 Penetration & re-identification challenge | Leader: CNR
This work package deals with penetration challenge activities, or else the simulation of attacks to synthetic data sets with virtual subjects’ information, to validate the overall system security against re-identification and privacy violation attacks, together with a risk-based cost/benefit analysis of privacy schemes.
WP10 Coordination & management | Leader: Lynkeus
This work package will be dedicated to disseminate project contents and outcomes to the public, fostering the creation of a community dedicated to the themes of data privacy and security in the e-health sector, by dissemination materials, website and social media accounts, attendance to relevant conferences and public events, collaborations and cross-fertilization with other EU projects, and organisation of dissemination events. In parallel, this will take care of optimal commercial exploitation of the project technological and scientific outcomes through development of an appropriate strategy plan.
WP11 Dissemination and exploitation | Leader: Lynkeus
This work package is meant to monitor and ensure the compliance of partners with their obligations under the grant agreement by assessing the efforts performed, the accomplishment of tasks and the achievement of milestones, as well as risk identification, assessment and mitigation. Besides, the Coordinator will interface on behalf of the consortium with the European Commission, being responsible for managing financial contribution, and interface with general external requests for information.